Automation, closed loop tactics boost enterprise security

By GCN Staff

Jan 24, 2014

Palo Alto Networks has announced enhancements to its enterprise security and WildFire threat analysis systems that speed up the discovery and elimination of malware, zero-day exploits and advanced persistent threats, according to the firm.

The upgrades are designed to address new methods criminals are now using to evade more traditional security measures, including firewalls, intrusion detection and anti-virus systems. Such legacy tools often address only a single type of threat across a limited range of network traffic, says Palo Alto, resulting in high rates of attack and costly damage control measures.

To meet more sophisticated enterprise threats, Palo Alto says a highly automated and scalable “closed loop” approach is required. This includes positive security controls to minimize the attack surface, inspection of traffic to block all known threats and the use of new protections to block all new or previously unknown threats.

The firm says its enhanced enterprise security system is pioneering this approach, starting with a new firewall as the core defense within the network and including advanced detection and analysis features from its WildFire service.

The enhancements include:

Extended file visibility, where all common file types and applications – encrypted or not – are now detected, sandboxed and filtered.

Zero-day exploit detection using behavioral analysis. This capability in the WildFire cloud quickly identifies exploits in common applications and operating systems and distributes the intelligence to subscribing customers to prevent future attacks.

Discovery of malicious domains, which blocks the critical command-and-control phase of an advanced attack by building a global database of compromised domains and infrastructure.

Single "pane of glass" view into incident response data, providing security administrators information on malware, its behavior and compromised hosts, so that incident response teams can quickly address threats and build proactive controls.

“By having our firewall, URL filtering, threat prevention natively integrated and managed from a single dashboard – instead of multiple niche products, we have a clearer picture of our threat landscape. Ultimately, the platform gives us what we need to effectively detect, analyze, block, and, more importantly, quickly remediate issues.”

Reader Comments

Sun, May 10, 2015
jayroot
west Michigan

Will this automation and closed loop security you're developing work like some of Microsoft's enterprise automated security? Loopback ISATAP adapters, IPv6 tunnelling, VPN, proxy connecting to intended URLs and/or reformatting webpages on the local network with XML transformation code? Along with the firewalls analyzing all common file types etc? Just curious as to what exactly the new security measures is implemented... Is there a demo or presentation your company has available?
